CVE-2014-9023

2014-11-20T12:50:12
ID CVE-2014-9023
Type cve
Reporter NVD
Modified 2016-06-01T22:19:42

Description

The Twilio module 7.x-1.x before 7.x-1.9 for Drupal does not properly restrict access to the Twilio administration pages, which allows remote authenticated users to read and modify authentication tokens by leveraging the "access administration pages" Drupal permission.